The medium business model is suitable for small organizations with relatively few hosts to protect, all of which may be located within a single data center.
This configuration example comprises multiple UNIX/Linux hosts located within the SME space and one or more web servers located in a DMZ.
Multiple policy server components (pmmasterd) are installed in a failover configuration, with groups of plugin hosts balanced between the policy servers. If a policy server is unavailable for any reason, the plugin hosts will failover to the alternative policy server.
Figure 3: Medium business implementation: Minimum 2 Masters and Circa 100 Agents
This is an example of how a large business might deploy Safeguard for Sudo. Some global companies prefer to fragment their requirement and deploy multiple instances as shown in the medium-sized business model.
This example comprises three policy servers, two are balancing the load of multiple plugin hosts. This may be necessary if there is a high level of audit and/or a significant volume of requested elevated privilege. Further, there is an additional policy server configured as a failover should one or both policy servers become unavailable.
Figure 4: Large business implementation: Minimum 3 Masters and less than 1000 Agents
Installation and Configuration
This is an overview of the steps necessary to set up your environment to use Safeguard for Sudo software:
To configure a primary policy server
-
Check the server for installation readiness.
-
Install the Safeguard for Sudo policy server package.
-
Configure the primary policy server.
-
Join the primary policy server to policy group.
To configure a secondary policy server
-
Check the host for installation readiness.
-
Install the Safeguard for Sudo policy server package.
-
Configure the secondary policy server.
-
Join the Sudo Plugin host to the secondary policy server.
To install the Sudo Plugin on a remote host
-
Check the remote host for installation readiness.
-
Install the Safeguard for Sudo software on the remote host.
-
Join the Sudo Plugin host to the policy server.
The following topics walk you through these steps.
To download the Safeguard for Sudo software packages
-
Go to https://support.oneidentity.com/safeguard-for-sudo.
-
On the Product Support - Safeguard for Sudo page, click Software Downloads under Self Service Tools in the left pane.
-
On the Safeguard for Sudo - Download Software page, click Download to the right of the version to be downloaded.
For more information about Safeguard for Sudo native platform install packages, see Installation Packages.
-
Read the License Agreement, select the I have read and accept the agreement option, and click Submit.
-
Download the relevant package from the web page.
The Safeguard for Sudo server package includes the PM Agent and the Sudo Plugin components.